[go: up one dir, main page]

CN1255209A - Method and system for networked installation of uniquely customized, authenticable and traceable software applications - Google Patents

Method and system for networked installation of uniquely customized, authenticable and traceable software applications Download PDF

Info

Publication number
CN1255209A
CN1255209A CN98804864A CN98804864A CN1255209A CN 1255209 A CN1255209 A CN 1255209A CN 98804864 A CN98804864 A CN 98804864A CN 98804864 A CN98804864 A CN 98804864A CN 1255209 A CN1255209 A CN 1255209A
Authority
CN
China
Prior art keywords
software application
discernible
computing machine
verify
installation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN98804864A
Other languages
Chinese (zh)
Inventor
格尔顿·艾德华·拉罗斯
戴维·伊恩·阿兰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CHARNAIWER Co Ltd
Original Assignee
CHARNAIWER Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by CHARNAIWER Co Ltd filed Critical CHARNAIWER Co Ltd
Publication of CN1255209A publication Critical patent/CN1255209A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/61Installation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/16Program or content traceability, e.g. by watermarking

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Storage Device Security (AREA)

Abstract

A method to create, distribute and install on an installation computer a uniquely customized instance of a software application that is authenticable and traceable to a particular user. A secure distribution agent resident on a distribution computer collects identifying information, and calculates a cryptographic signature of the software application and identifying information. The identifying information and cryptographic signature are embedded in the software application by the secure distribution agent. A user installation agent resident on the installation computer manages the installation of the software application with embedded data on the installation computer. Prior to installation, the user installation agent may use the cryptographic signature to verify that the software application, and the identifying information are authentic and have not been tampered with.

Description

To unique customization, the legal method and system of installing on the net with traceable software application
The present invention relates to a kind of method and system, it carries out each user is electronic marketing and installation unique customization, legal and software application tracking to the user by network.
Along with such as the online computer environment of the Internet growing importance and reliability, sell the importance that (ESD) presents to be increased day by day as the electronic software of a kind of means of using to user's selling software.The online facility of current existence allows the user to order under the software that needn't physically pay compression packing and install software is used.Typically, the preparation of the software publishing chamber of commerce is used for the key plate of the software application of electronic marketing.Then the order of this software application is bought in the online proposition of user, and publisher receives and fulfil order.User's download software application and being installed on its oneself the computing machine then.
Shortcoming in the existing online facility is, the software application of paying to the user in form and the software application that from retail trader and products catalogue, obtains just the same.Lack encipherment protection, the user is the sale version of mutual shareware freely.
Even there is encipherment protection because all users have identical software application copy (must have identical cipher mode), bootlegging may be quite big.Have in the situation of single elementary solution key at all, wherein insert this decryption key (or its equivalent) by the user mostly, thereby this user can utilize this key to obtain the user's shareware without many uses of this program is used with other.Exist now and be exclusively used in the bulletin board and the site, the Internet of sharing these decryption keys, the crowd's that not paying of program used visit is expected by those in these places by the decryption key of applying for the application program that they obtain separately.
In addition, although in software application, be provided with more crisscross anti-pirate method, but software " hacker " generation " decoding " program is of common occurrence, utilizes program version such routine processes distributed for free, that function is limited can generate the global function revision that needn't buy usufructuary this program.For the master-hand who uses " revealed secrets " working solution decryption key simply, also be of no avail even adopt the most exquisite different single key form (can relate to disposable response) of a large amount of distributions for dynamically attempting this form of key derivation.Although this " revealed secrets " relates to more technical complexity compared with above-mentioned shared key, on the distribution channel be very similar to may influencing of product income.
In addition, the software application by conventional ESD technical selling does not provide their integralities separately of any protection to prevent the unauthorized means of altering.
Portland software company produces a kind of with ZipLock TMThe electronic software marketing system that trade mark is sold, this system in package is used at the software that carries out electronic marketing on the Internet.ZipLock TMBut system discloses the system that a kind of standard executive software that is protected by cryptographic key to the client's sale that resides on the user's computer from security server is used.The data of user input are sent to security server and are used to make up a customization digital license that sends to the user by computer documents independently.ZipLock TMThe mechanism that system did not both provide detection that but the executive software application itself is altered, nor can follow the tracks of this software application unauthorizedly sail again mid-sales and whether comprise digital license.
Prior art discloses some and has been used to prevent other system and method for illegally being used to the software that user's electronic is sold.In 5,509, No. 074 patent of the U.S. of Choudhury, a kind of method of utilizing cipher protocol protection electronic distribution material is disclosed.The first illustrated embodiment needs specialized hardware, so that to sending to user's document deciphering.This has limited the widespread use of this method on the employed personal computer of masses.In the second approach, do not need specialized hardware.In the method, the publisher revises the line spacing of document or word space so that every part of document is unique for each user.Encrypt unique document then and be sent on the user's computer.In case receive encrypted document, user's computer can point out the user to import its privacy key, and this key is used to separate confidential document and reads for sight.This piece document disclosed method can not prevent piracy, and just going out the user by available pirate document tracking hinders copy right piracy for it.In addition, the document only is fit to data file, can not protect the executable file of any kind.
In 5,416, No. 840 patents of the U.S. of Cane, disclosed, for example the method and system that the protection computer program is sold on radio frequency common broadcast or the computer network a kind of being used at broadcast medium.In this piece document, this method relates to encrypts a part of computer program at least, thereby provides a password that is used to decipher this computer program can install and use this computer program to the user.Generate and transmit a unique password, for the selected software program that is used on the decrypt media subsequently being held to the user.Can not be although it discloses a kind of generation, transmission and uses by the method and system of the shared unique password of the different user of software application, the document requires the user to have proprietary hardware, and this has limited the widespread use that utilizes the popular personal computer that is had.
In No. 5,586,186, the United States Patent (USP) of Yuval, a kind of method and system that is used to control to the unauthorized access of the software of being sold to the user is disclosed.The main member of this system is an encryption equipment, a user key generator and a deciphering machine.Encryption equipment generates encryption key and decruption key, stores on the broadcast medium such as CDROM with encryption keys software and the encrypted form of software.The user key generator utilizes the numeral expression and the decruption key of the identifying information that the user provides to generate unique key.Deciphering machine is responsible for utilizing the identifying information that the user provides and the encrypted form of unique user key decryption software.The disclosed decryption method of the document allows a large amount of different but similar in logic key is used as decruption key, and each decruption key wherein is unique for certain specific user.Yet, be used to utilize user-defined data customization software application can differentiate the means of software application itself thereby this piece document is unexposed.In addition, the document can not prevent that it only hinders pirate by following the tracks of key by sharing the copy right piracy of key.
The present invention is with a kind of relevant to the method that computing machine electronic marketing software application is installed from distributing computer, the method comprising the steps of: receive identifying information at described distributing computer, at described distributing computer described identifying information is embedded in the described software application to form discernible software application, for described discernible software application generates the password signature, but the signature of described password be embedded into described identification software use in forming discernible and software application that can verify, and discerniblely be sent to described installation computing machine described with software application that can verify from described distributing computer.
Method and system of the present invention discloses a kind of software customized, transmission and mounting means under online.No longer be to use to user's selling software installing to install under the similar fully executable file that can not follow the tracks of on the computing machine, method and system disclosed herein disclose a kind of foundation, distribution and in the means that can verify the specific user and the unique customization part traceable software application of installation on the computing machine is installed.
Method and system disclosed herein is to reside in the user installation agent (UIA) of installing on the computing machine to provide by distribution channel for distribution and the safe sale agent (SDA) that resides on the sales computer and connect.UIA and/or SDA prompting user imports identifying information, and this identifying information and relevant business information one such as license terms are used from foundation and are embedded into unique data collection in the required software application by SDA.By utilizing cryptographic Hash algorithms and special use/Public key cryptology (wherein private key is only known by SDA), calculate the password signature of required software application and embedding data set, and the password signature is embedded in the software application.Send to and be installed on the installation computing machine having the software application that embeds data and password signature by distribution channel for distribution.Randomly, the installation computing machine can utilize the password signature to examine software application and embed data and all do not altered.Can to being installed, computing machine send the Public key (group) that is used for the clear crytpographic key signature together or by other means such as E-mail, the Internet bulletin board etc. with software application.After installation, use in every way to embed data and password signature, for example, a kind of means of following the tracks of the user of software application are provided, and the lasting globality that management software is used guarantees to continue to keep License Status, carry out virus checking, perhaps automatically software application itself is upgraded.
Fig. 1 is the block diagram of system survey, so that each input and the member of system and method for the present invention to be shown;
Fig. 2 is the structure and the service data flow graph of secure distribution agent of the present invention;
Fig. 3 A is a block diagram, and expression utilizes the CONSTRUCTED SPECIFICATION of the set distribution of document of single step Cipher Processing;
Fig. 3 B is a block diagram, and expression utilizes the CONSTRUCTED SPECIFICATION of the set distribution of document of two step Cipher Processing;
Fig. 3 C is a block diagram, and expression utilizes the CONSTRUCTED SPECIFICATION of set distribution of document of Cipher Processing of a kind of modification of the two step Cipher Processing shown in Fig. 3 B;
Fig. 4 is the structure of the user installation agent that adopts of the present invention and the block diagram of operation;
Fig. 5 is a block diagram, and the means that embed data are extracted and verified to expression from mounted distribution of document;
Fig. 6 is the process flow diagram of the first embodiment of the present invention, and this embodiment embeds data by the public encryption key checking;
Fig. 7 is the process flow diagram of the second embodiment of the present invention, and this embodiment embeds data by each user's unique password key authentication; And,
Fig. 8 is a block diagram, and expression sends to the various uses of the software application after user's the installation by the present invention.
Fig. 1 represents the various inputs and the member of system and method for the present invention.On behalf of electronic software, top layer sell (ESD) rear end member 10, it comprises software switching station, software marker, publisher, credit service merchant etc., they all exchange with the secure distribution agent (SDA) 100 that resides on the distributing computer, and distributing computer constitutes essential part of the present invention.By the Internet or specific computer network, SDA100 and each ESD rear end member 10 interface with the method for payment support is provided, from publisher's software application or the like of packing into.Do not influencing under the method and system of the present invention, can change the definite feature of ESD rear end member 10.
SDA100 is made of the collaboration software programming system that security context moves down.Need only its secret of guaranteeing user data, guarantee user and other possible third-party checking and appropriately limit external reference in operation, the characteristic of security context is unessential for the present invention.Physically this environment can with or discord computing machine be installed separated.In Fig. 2, illustrate in greater detail structure and the operation of SDA100.
One of input of SDA100 is the set of databases 20 of the software application supported, license terms, permitted user etc.Before operation the present invention and among, SDA100 is right/send and receive relevant data from set of databases 20.The definite feature of set of databases 20 and content are not intrinsic propestieses of the present invention.
Distribution channel for distribution 300 shown in Fig. 1 can be made of the computer network such as the Internet or dedicated network, perhaps if SDA100 very near user installation agent (UIA) 200 o'clock by for keeping a required safe floor of safety to constitute.Select ground fully, it can comprise certain combination of these assemblies.Distribution channel for distribution 300 is used to connect UIA200 and SDA100 (thereby be connected distributing computer and computing machine is installed), so as between these two agencies exchange message, and so that a set distribution of document 170 (shown in Fig. 2) is distributed on the UIA200 from SDA100.Although distribution channel for distribution 300 is shown between SDA100 and UIA200, system of the present invention does not also require that SDA100 is physically away from UIA200.
The user side place is UIA200, and UIA200 resides in an installation/auto-update software program of installing on the computing machine.This program is used for communicating by letter with SDA100 by distribution channel for distribution 300, and is used for the action required that execution is described in more detail later on the computing machine is being installed.Although each software application of supporting needs a UIA200 usually, the insider knows UIA200 that can support a plurality of software application of exploitation.The distribution form 30 of UIA200 also is shown among Fig. 1, and it is comprising each support file.For operation of the present invention, the feature of the distribution form 30 of UIA200 is unessential.Can adopt in CD ROM, world wide web (www) download, the floppy disk etc. any.
UIA200 receives the data 32 of user's input, such as name, address, payment selection etc. and with receive the relevant data of final user's licence.Also can be to the UIA200 input for the environment sensitive data of handling 34, such as the speed of CPU, the size of hard disk, speed of modulator-demodular unit or the like.The identifying information that UIA200 handles can comprise information such as any relevant buyer, dealer, installation agent, date, sequence number, licence explanation.These data can be used for automatically registering required software application and buyer or its merchant agent.
As described above, recognition data 32,34 formations and relevant identifying informations such as user, its computing machine.UIA200 processing and identification data 32,34 also are sent to SDA100 by distribution channel for distribution.Will of course be appreciated that, need not send to SDA100 to identifying information by distribution channel for distribution 300.For example, can be input to identifying information among the SDA100 by oral, written or other non-electronics mode in this locality.SDA100 the data combination of storage in identifying information 32,34 and the set of databases 20 get up with produce for the user be unique customization, that can verify and traceable set distribution of document 170.By distribution channel for distribution 300 set distribution of document 170 is sent to UIA200.From the output of UIA200 is that unique customized software is used 15 (hereinafter referred to as " the set distributions of document that are mounted "), and it is installed on the installation computing machine and has the identifying information that is embedded in wherein.
Though the individual consumer that " user " is mounted in the software application 15 on the personal computer is inferred in explanation of the present invention, the insider can understand and present invention may also be run under the networking final user environment, and wherein " user " is responsible for software is installed in the network manager who uses for some final users on the central server.
Fig. 2 is the structure of SDA100 of the present invention and the data flow diagram of operation.It is an input of converse routine 110 that original distribution of document 130 is shown as.In the enforcement of the imagination, original distribution of document 130 is input to SDA100 by the set of databases shown in Fig. 1 20.Original distribution of document 130 should be understood that and to be input to SDA100 to original distribution of document 130 by set of databases 20, because may reside on the distributing computer that is comprising SDA100.Converse routine 110 has the data 140 in the distribution of document 130 of will being embedded into as another input, and has required public/private cryptographic key to 150.Embed data 140 and generate by user interactions program 120, user interactions program 120 by UIA200 and user interactions so that receive recognition data 32,34 (shown in Fig. 1) and from the data of set of databases 20 support software application, license terms, permitted user.
Can be any form and any content although embed data 140, estimate to embed data 140 and will comprise the information that can trace into software application 15 unique user and licence execution.For example, embed data 140 and can comprise a unique sequence number, it is used to discern the set distribution of document 170 that is distributed to the user.This can eliminate the swindle of sequence number common in the software industry, and wherein existing software application can only be carried out simple validity check, and this inspection can by single ordered sequence widely number deceive people repeatedly use cheat.Embedding data 140 can be taked the form into the complete licensing agreement of each customization, comprising address name, address, software sequence number, license terms or the like.Can preserve the user profile record that user interactions program 120 is collected by set of databases 20.
The output of converse routine 110 is set distributions of document 170, and the latter had both comprised original distribution of document 130, embedded the content of data 140, also comprises the password signature that embeds data 140 and original distribution of document 130.Then, by distribution channel for distribution 300 set distribution of document 170 is sent to UIA200.UIA200 then is installed to set distribution of document 170 and installs on the computing machine.In case set distribution of document 170 has been installed, it takes to install the form of set distribution of document 15.
By being connected of itself and UIA200, SDA100 can consult arbitrarily license terms, show end-user license agreement (EULA), confirm to the acceptance of this agreement and according to user identity of having set up and the concrete license terms online registration of executive software automatically with the user.For commercial and jural consideration, for example, SDA100 can propose different quotation clause and license terms to the user of country variant, and the different versions carried out may be provided.In addition, can provide different quotations according to attribute such as CPU ability that computing machine is installed.
Determining that address that the user proposes and credit number are effective, compatible and are positioned on the function of given geometric areas and do not require that SDA100 is intelligent.These functions can be realized by the high-rise ESD member shown in Fig. 1 10.
Fig. 3 A illustrates in greater detail the process that makes up set distribution of document 170.For purposes of illustration, suppose the dissimilar interior zone that the structure of original distribution of document 130 comprises heading message and is used for code, static data etc., such as Windows TM' PortableExecutable ' (PE) program file.General insider can understand, and method and system of the present invention can be used some different file layouts.Similarly, it is computer documents that the output 170 of the input 140,151 of converse routine 110 and converse routine 110 is shown as, but they can be image in the storer, from stream of other processor or the like.
The following describes the typical step sequence of the structure set distribution of document of being undertaken by SDA100 170.
1. judge the result's (that is, be authorized for dispatch according to certain specific collection distribution of document 170 of method of the present invention, and made up required embedding data block 140) who needs conversion, operation converse routine 110 as user interactions program 120.Carry out all subsequent steps unless make other indication converse routine 110.
Its objective is to obtain alleged " digital signature " or " password signature " usually, it has two aspects in essence:
(i) by utilizing cryptographic Hash algorithms, the password fingerprint of generation and data " ed " 130,140 unique correspondences; And
(ii) by protecting the password fingerprint with a private key encryption; thereby can confirm that to the recipient of password fingerprint data " ed " 130,140 do not suffer damage by utilizing Public key and cryptographic algorithm; and wherein do not need to have the ability that generates new key fingerprint, nor can change data colorably.
Be absolutely necessary for reaching these two steps of advantage of the present invention, because there are not these two step third parties can under the situation that the recipient can not discover, intervene or change data.This process is different from enciphered data 130,140 simply, and such method is not enough for operation of the present invention, does not change data the 130, the 140th colorably because it does not exist, the method that can be discovered.
2. the I/O logical circuit 111 of converse routine data 140 of reading in required original distribution of document 130, its corresponding cryptography private key 151 and will embed.Although converse routine 110 does not require, can import a Public key 152 into so that it is added in the set distribution of document 130.Utilize cryptographic Hash algorithms 112 and public-private key (PPK) cryptographic algorithm 113, generate password signature 174.The basic step of this processing is:
2.1 impose one-way hash function " hf " to generate password signature " edh ", i.e. edh=hf (ed) to data " ed " 130,140.To this password fingerprint require as follows: (i) it produces a rational compression result, be length (edh)<<length (ed), and be preferably the fixed length result, (ii) fingerprint itself can not be used for determining original data block back, that is, do not have anti-hash function " bhf " thus bhf (edh)=ed; (iii) it is responsive especially to the change in " ed "; That is, the change of the single position in " ed " can change in " edh " about 50% position, and (iv) construct a vacation embedding data block " fed " its can generate the fingerprint the same with " ed ", promptly hf (ed)=hf (fed) is very difficult.Exist some algorithms that satisfy these requirements, for example MD5 (message digest 5) and SHA (Secure Hash Algorithm).The present invention also can adopt other also can satisfy the algorithm of above-mentioned criterion.
2.2 utilize private key 151 " prk " and public/private encryption function " ppef " Crypted password fingerprint " edh " to generate password signature " edf " 174, that is: edf=ppef (prk, edh).To encryption function " ppef " require as follows: (i) result of its generation is not obvious greater than its input; (ii) it protects short relatively data set effectively, because " edh " is some byte longs rather than thousands of byte long; Can not utilize Public key 151 (" puk ") and password signature " edf " 174 on (iii) calculating or utilize a plurality of examples (can on the installation computing machine, see them) of " edf " 174 to derive private key " prk ", promptly, do not exist and make puk=cf (edf, decoding function " cf " puk); The two does not exist the utilization " prk " that can find out to duplicate the means of the behavior of " ppef " down (iv) not have " ppef " and " prk " actually.In principle, can derive " ppef " from its corresponding decryption function, thereby " prk " is important secret in actual range; (v) its corresponding Public key decryption function " ppdf " is installed on the computing machine the typical case and is had acceptable performance for file associated length.Note that if for security reasons select to produce acceptable can specific ppef/ppdf, can only encrypt and still can provide identical benefit a part that selects files; (vi) it is to this field, and promptly digital signature is (best, by conventional cryptanalysis) that is suitable for.There are some algorithms that satisfy these requirements, for example the algorithm of RSA and Rabin and ElGamal.Carefully select to implement parameter and can help to obtain required security and performance.
3. being inserted in the original distribution of document 130 to generate set distribution of document 170 from the password signature 174 of step 2.1 and the data 140 that will embed.This insertion is not the centre that simply each is copied to file, because it must be obedient to the call format of particular file types.For example, more new title with identification new data or the like.
System and method of the present invention does not require that embedding data 171 or password signature 174 are positioned in the set distribution of document 170 with any ad hoc fashion.Neededly be: the software on the computing machine (i) is installed, especially in UIA200, can locate and embed data 171 and password signature 174, and after (ii) on being installed to the installation computing machine, gathering distribution of document 170 and can carry out its intended function; For example, if it is an executable file, it still meets structural requirement and other platform requirement, installs on the computing machine and operation thereon thereby it is encased in can resembling before the conversion process.For example, if file is with the general format of the existing computing machine that contains the special microprocessor of English and is to move converse routine 110 should check " title " section of original distribution of document 130 is to judge whether there is the section that comprises static data so that avoid containing the section of executable code under the Windows of Microsoft.The static data section should be selected, and the appropriate location that the user embeds data block 171 and password signature 174 should be found out or set up.For example, this can so carry out: determine that (i) existing static data piece has the untapped capacity that is enough to increase these data, (ii) distribute new static data piece, perhaps (iii) expansion has the static data piece now.
Method shown in Fig. 3 A discloses a kind of single step and handles, and wherein is that original distribution of document 130 and embedding data 140 are determined passwords signature 174.A kind of going on foot for selecting method employing two shown in Fig. 3 B handled, and the same algorithm that illustrates in the step 2 above wherein utilizing at first generates the password signature 172 of embedding data 171.Then again this embedding data cryptogram signature 172 is embedded in the original distribution of document 130.Then original distribution of document 130, embed data 171 and embed data cryptogram signature 172 and be input to the second password step, above in this step, adopting in the step 2 the same algorithm of explanation determine that overall password signs 176.The benefit that two steps handle is that it has increased system and method checking of the present invention and has detected the ability of altering that installed software on the installation computing machine is used.For example, can be two passwords signature 172,176 and provide that independently the password public/private key is right.In addition, even original file content 173a, 173b are destroyed, two steps handle and still can extract and verify embedding data 171.
The possible alternative of utilizing two another kinds that go on foot a kind of modification of Cipher Processing to make up set distribution of document 170 is at first only to obtain first password signature 175 with original file content 173a, 173b, and obtain second password signature 172 with embedding data 171.This is shown in Fig. 3 C.This method has all advantages of the two step processing shown in Fig. 3 B, and allows individual authentication to embed data 171 and original file content 173a, 173b.This original distribution of document 130 that allows the user to confirm that the publisher provides is not changed by online installation processing disclosed in this invention.
General insider will appreciate that, needn't utilize identical password public/private key to or even must not utilize identical key algorithm to produce any password signature 172,174,175,176 shown in Fig. 3 A, 3B and the 3C.In addition, needn't at every turn to the distribution of document 170 of user's distribution set the time, calculate password signature 172,174,175,176.SDA100 can keep a part precomputation signature database to accelerate relevant calculation.Can use and cryptographic hardware support that the computing machine place obtain such as RSA coprocessor to be installed to obtain the good response under the maximum security.In addition, needn't integrally make up set distribution of document 170 by SDA100.Necessary just can integrally send set distribution of document 170 by UIA200.
Fig. 4 illustrates structure and the operation of UIA200, but UIA200 comprises that index 204 is installed in transition, input file collection 205 and the intrinsic software program for execution 203 of UIA are installed in transition.The insider can understand, and has the method for many enforcement UIA programs 203.Since functional pith of UIA200 relate to user interactions and and the dialogue of SDA100, the choice of implementing UIA200 comprises makes it become the adjunct of world wide web (www) browser, perhaps it is embodied as a stand-alone program, this stand-alone program embeds or calls existing browser capabilities on the installation computing machine.
The following describes the typical execution sequence of UIA200:
UIA program 203 with and number of support according to 204,205 copy to install on the computing machine after, the user moves UIA program 203.Please note also UIA program 203 can remotely be installed, for example send into active program in the browser frames by www server.Unless propose in addition, all subsequent steps are carried out by UIA program 203.
2. computing machine is installed to be read and index 204 is installed and input file collection 205 is installed to determine and required software application (being called " the set distribution of document that is mounted ") 15 corresponding specific default SDA100 are installed.
3. check and computing machine is installed to be identified for setting up the appropriate device of communicating by letter with SDA100, for example, the existence of TCP/IP network interface, modulator-demodular unit etc.If can not find such device, program helps the user to search the parameter of suitable work for choosing ground, gives a warning down then and stops.This is owing to the visit to SDA100 is absolutely necessary for operation of the present invention.
4. use from the default data of above-mentioned steps (2) and (3) prompting user 1, promptly tell UIA program 203 to search required SDA100 wherein and on the distribution channel for distribution 300 of which kind of type.Change the chance of this information for then user 1, or (for example for business reason, possible certain SDA has changed name or position), or (for example for technical reason, the user does not have the TCP/IP connection of working and wishes to use direct modem links, may pass through 800 free call numbers.)
5. by distribution channel for distribution 300,203 foundation of UIA program and SDA100 contact.If can not realize, the UIA program gives a warning and stops after the parameter of determining suitably work for choosing ground help user.Although the security for operation distribution channel for distribution 300 of the present invention is chosen wantonly, expectation distribution channel for distribution 300 can be supported the agreement that suitable protection SDA100 is not swindled.Support the common protocol of mandate and privacy, for example secure socket layer (ssl) is appropriate available.
6.UIA program 203 is served as the intermediary between user and the SDA100, makes the user determine that SDA100 gathers the legal agreements that distribution of document 15 can be supported for required being mounted.But also having, the UIA program judges whether the using system resource that computing machine is installed satisfies the required ability that is mounted the requirement of set distribution of document 15.
For to user's content displayed, there is not technical restriction in the problem that the user may propose and various selections on the data that computing machine may collect etc. are installed.Become to go through data acquisition, data embedding, software dispatch and software installation processing because SDA100 moves, system and method for the present invention can even not adopt various other passwords of level under user notification cryptographic key or any information that they can deduce.These are different with other electronics transmitting system, and they typically need off line input one after the other, privacy key or derive to obtain, and give the user thereby leak significantly.Certainly, the Public key that uses in the checking of password signature is an exception, and the user can determine Public key easily, but owing to can not rogue use them, it is not a safety problem.
7. supposition user 1 satisfies all criterions that SDA100 proposes, and the concrete file set that SDA100 will determine to send to UIA200 comprises a set distribution of document 170 (shown in Fig. 3 A-3C) especially at least to finish the installation of installing on the computing machine.For system and method for the present invention, how the essence of the agreement of reaching between user 1 and the SDA100 or agreement come into force is unessential.This by SDA100 with and towards business system (if exist) be responsible for.The most important thing is that UIA200 is not and itself can not determine whether reach an agreement between user and SDA100.Except by and SDA100 mutual, UIA200 is not and should not visit all and finish the required information of installing.
8.SDA100 send the index of required distribution of document to ULA200 by distribution channel for distribution 300.UIA200 utilizes local index that this index enlarges himself to be configured for the complete index of installation on the horizon.
9.SDA100 make up one or more set distributions of document 170 and the required file of any other installation, and these files sent to UIA200 through distribution channel for distribution 300.
10.UIA program 203 is utilized its local index and support file 204,205 to finish the installation that is mounted distribution of document 15 in the mode that is consistent with the platform that computing machine is installed.Particularly, UIA200 is not affected in password signature 174 and embedding data 171 set distribution of document 170 is installed down.In case set distribution of document 170 is installed on the installation computing machine, and it is called as the set distribution of document 15 that is mounted.UIA program 203 is also carried out other system update 212 as required, for example upgrades operating system registration (under the Win95 situation) and any additional application file is installed.Also may relate to other optional operation, for example stay suitable ' not installing ' utility routine.
12. if mistake occurs, UIA program 203 can notify SDA100 to restart installation.If mistake do not occur, UIA program 203 notice SDA100 have received all desired datas.This should for example be used as the trigger pip of SDA100 to carry out financial transaction.The latter half that financial matters is placed on processing can make the possibility of just the user not being charged under successfully install software is used become minimum, and this has reduced a kind of reason that the user baffles.
May be placed on the transition file installed in the computing machine, index or the like 13.UIA program 203 deletion is any.
14.UIA being connected and withdrawing from of program 203 disconnections and SDA100, distribution channel for distribution 300.
In case finished the proof procedure of the confession selecting for use that further describes later, the user then can install the set distribution of document 15 that operation is mounted on the computing machine.Should be understood that and before or after finishing installation, to carry out the proof procedure that illustrates later.
Method and system of the present invention should reduce by buying the controversial issue that good software fails and installs and cause.If enough resources that computing machine does not have the required software application of operation are installed, UIA200 can detect and warned the user before making any financial transaction.In addition, can finish the final finance agreement that the user buys software application after processing is installed, installation itself is that failed probability can be very low thereby financial transaction is successful.
General insider will appreciate that, can distribute UIA200 to the user with form of medium large-scale production and that comprising original distribution of document 130, perhaps from single part copy singly can not be subjected to success deceive people derive UIA200 under re-using.In this case, SDA100 only sends its structure set distribution of document 170 and finishes the required increment information of installation to UIA200.Comprise incomplete executable file collection by the distribution form of guaranteeing UIA200, thereby be on the installation computing machine, to carry out and to defeat the attempt of any pirate print software application from the master data of SDA100.
Fig. 5 represents from set distribution of document 15 checkings that are mounted and extracts user data and do not altered so that confirm original file content 173a, 173b and embed data 171.The user chooses wantonly for this step of operation of the present invention, because can move the set distribution of document 15 that is mounted under not verifying.Should be understood that the proof procedure that the following describes can carry out before or after finishing installation.If before installing on the installation computing machine, verify, then UIA203 pair set distribution of document 170, rather than, carry out following process to mounted set distribution of document.
Processing shown in Fig. 5 be with utilize that the two steps shown in Fig. 3 B handle that set distribution of document 15 is installed is relevant.To from the principle of set distribution of document 15 checkings being installed and extracting user data of utilizing that the modification single step Cipher Processing structure shown in Fig. 3 A or that utilize the two steps shown in Fig. 3 C to handle make up with following illustrated identical, but to make suitable modification according to the characteristic of the cryptographic key that will compare.
Although independently checking and read routine 400 are carried out checking and are read the function that embeds data 171 to illustrate one, the insider will appreciate that, these functions not necessarily will realize in this independently program, but can with other program, pack into software, reproducer etc. of UIA200, licence scrutiny program, virus checker, program for example, function combine.The following describes the typical execution sequence of checking and read routine 400:
1. or by the user or by calling runtime verification and read routine 400 automatically such as other program of UIA200.Unless otherwise noted, following step is all carried out by checking and read routine 400.
2. or by the prompting user or by UIA200 transmit as parameter, which judgement will be handled set distribution of document 15 has been installed.Also judgement (if can derive from particular implementation, this is comprising difference in file itself) has been installed set distribution of document 15 to this can use for which specific Public key 152.
3. open the set distribution of document of being studied 15 of installation and check its satisfied call format of using.For example, certain given realization may be supported Intel TMCarry out (EXE) and dynamic link library (DLL) file under ' PE ' form of processor.Distribution of document 15 fails in these and checks substantially maybe and can not find if this has installed set, and checking and read routine 400 send suitable warning and stop.
4. the inspection file is to determine the position of total password signature 176, embedding data cryptogram signature 172 and embedding data 171.Can format in every way and set distribution of document 15 is installed, for example in file title, comprise the pointer that points to these sections to support and to determine.If be (that is, Public key 152 comprises hereof, and and definite different) that is suitable for, search and extract required Public key 152 by checking and read routine 400 in this specific implementation.
If above-mentioned arbitrary step failure, the failure under suitably alarming of checking and read routine 400.
5. utilize Public key 152 that total password signature 176 is decrypted into not encrypted form 176a (the long-range total fingerprint after the deciphering).
6. utilize the identical known password signature algorithm that adopts with SDA100, calculate the local version 176b (total fingerprint that calculate this locality) of total password signature.This calculating must exclude total password signature 176 self, and promptly topped all parts that set distribution of document 15 is installed except that 176 are so that the local total fingerprint 176b that calculates and himself are irrelevant.
7. the long-range total fingerprint 176a after total fingerprint 176b of this locality calculating and the deciphering is compared.If their differences, checking and read routine are in the mounted set distribution of document 15 destroyed failures down of warning.This moment, UIA200 can be called to contact with SDA100 to obtain mounted set distribution of document 15 once more.
8. extract to embed data 171, if program is by the figure ground that the user calls embedding data 171 to be presented to the user, if then send the caller routine to the message form by software transfer.
9. utilize Public key 152 to be decrypted into its not encrypted form 172a (the long-range embedding data fingerprint after the deciphering) embedding data cryptogram signature 172.
10. utilize the local version 172b (the embedding data fingerprint that calculate this locality) that embeds data cryptogram signature 172 with the identical known password signature algorithm computation that SDA100 is adopted.
11. the embedding data fingerprint 172b that this locality is calculated and the long-range embedding data fingerprint 172a of deciphering compare.If their differences, checking and read routine embed data 171 destroyed failures down in warning.
If what follow later is that the single step shown in Fig. 3 A is handled, then similar comparison procedure is carried out in password signature 174.Equally, be the modification of the two step Cipher Processing shown in Fig. 3 C as if what carry out, then similar comparison procedure is made in original file content password signature 175.
Fig. 6 is a process flow diagram, and it is comprehensively with respect to Fig. 2,3A, 3B, 3C, 4 and 5 processes that illustrate.Note that and to send the Public key 152 that is used for verifying the integrality that set distribution of document 15 has been installed by any device to UIA200, because it is not secret and can be used for more than one purposes.Public key can be embedded in the set distribution of document 170, and it can send to the user by unique file or message explicitly, perhaps, and can be by computing machine being installed automatically from network deposit mechanism (Verisign for example TMCompany) obtains.
Fig. 7 is the process flow diagram of another group process that can adopt according to the present invention, wherein utilizes SDA100 to encrypt original file content 173a, 173b for unique special purpose system that this particular transaction calculates.SDA100 keeps the record of this unique private key, and sends corresponding unique Public key and set distribution of document 170 by distribution channel for distribution 300 to UIA200.UIA200 utilizes this Public key deciphering set distribution of document 170.For security reasons, had better not permanently this Public key of storage on the computing machine be installed.Alternatively, only allow this unique Public key be present in the random-access memory (ram) of computing machine during installation.This feasible distribution set distribution of document 170 in fact again.
Although describe the present invention with reference to various preferred embodiments, general insider can recognize that some change, substitute and revise is possible.The various uses that set distribution of document 15 is installed are shown at Fig. 8.After installation and by after the UIA checking, can be routinely embedding data and moving mounted set distribution of document 15 for 171 times to use never in any form.In order to ensure the licence unanimity, can move mounted set distribution of document together to confirm that any license terms of forming a part that embeds data 171 is observed with the licence coercive procedure.Also can be used as the input of certain virus checker embedding data 171 and password signature 172,174,175,176 (depending on the mode that makes up set distribution of document 170), thus can be by utilizing Public key 152 and the integrity checking of set distribution of document 15 being installed with the identical known password signature algorithm that SDA100 adopts.Each run has been installed set during distribution of document 15, can also be by it own or and checking load program checking shown in the service chart 5 together and read routine 400, tampering with a document with refusal does not allow the set of installation distribution of document 15 operations of being altered.Also can only use and embed data 171 to show to the user.
Method and system disclosed herein also can be used for upgrading in the set of the installation distribution of document of installing on the computing machine to existing.In this case, UIA200 and SDA100 will confirm to install the existing license state that set distribution of document 15 has been installed on the computing machine, then call method and system disclosed herein, this installation computing machine is made up, sends and installs the upgraded version that set distribution of document 15 has been installed.Can under user's request, call, perhaps can when UIA200 detects the redaction that can use original distribution of document 130, call upgrading ability of the present invention automatically.
The uniqueness of mounted set distribution of document 15 can be used for its operation is limited on the special-purpose CPU (central processing unit) (CPU) of installing in the computing machine.Identification to the CPU of this purpose can be carried out in 32,34 stages of data that collection is transferred to SDA100 by UIA200.
SDA100 disclosed herein and UIA200 only are not limited to install or upgrading is called when distribution of document 170 being installed.For example, under environments for computer games, can when arriving the somewhere of recreation, the user call SDA100 and UIA200, the user is provided additional function or other choice of level of buying recreation.
The disclosure does not presuppose UIA200 and does not have the additional intelligence that improves functionality of the present invention.For example, UIA200 can have and finds and discern the intelligence that individual digital license separately is installed on the computing machine, and this license is set up its identity, this for authorize relevant transaction all or part of be sufficient.This individual digital license and method of use thereof should meet the standard of having set up, and for example commercial heat is according to the Verisign of provider TMCompany's accepted standard.In addition, UIA200 can have and searches and the intelligence of discriminating digit " reward voucher " license, this preferential property determines that the user has certain particular privilege, for example to the right of the exceptional price of certain software, perhaps a kind ofly determines its member's right in particular groups such as certain company.In addition, UIA200 answers that basis on location method of the present invention installs file earlier, and determines to embed data 171.If the information that UIA200 determines to exist the information that can influence transaction terms or exists expression user's possible interest for example to upgrade, UIA200 can send to SDA100 to this information, thereby suitably intermediary's transaction of SDA100, announcement are upgraded or the like.An exemplary like this is to check according to the word processing application software of the present invention's installation freely to upgrade to determine that this user is qualified, thereby the present invention can then enter installation.
In another group modification of the present invention, mounted set distribution of document 15 is files of the principle of a kind of employing Nortel algorithm mandate (NAN), this principle is open in 08/674, No. 037 patented claim of the U.S. to increase firm management certainly with the integrality that is used to himself.In first modification, (it has had the ability that self code that set distribution of document 15 is installed is used as the required input of suitable operation to runtime NAA algorithm, thereby and have under tamper condition a crushing ability that lost efficacy of forcing) range expansion of this input is copied to comprising in the storer that one or more data item constituted that is added by SDA100, for example total password signs 176.
In second modification, member can advance fartherly " to start counterfoil (launch stub) ", promptly extract and decipher the embedding data 171 of installing in the set distribution of document 15, and the license terms and the inspection clause that current environment found of (for example such as the dedicated cpu by certain physics Media Access Control address identification on the network card) on it are compared.According to the principle of Nortel algorithm mandate, " startup counterfoil " needn't " determine " whether will continue, and defeats the point of attack of ' hacker ' of security mechanism because this decision point is hope significantly.On the contrary, its can revise data according to normal program run so that only when the suitable environment of described data and each licence is corresponding program just continue to move.For first modification, should be particular case prebuild application program, because according to this technology co-pending, its suitable control stream is just imported data to original ' incorrect ' and is used into the correct licensc e data of application or its and simply derive and obtain ' correction ' data.
The present invention disclosed herein needn't change have installed installation form functional of set distribution of document 15, and only to its increase information and checking property.Then, exist the means that some can be changed the new mode that the effect that set distribution of document 15 is installed allows with the present invention.In a kind of modification, but can visiting the various execute forms or the visit of certain preset sequence, SIA100 can dynamically make up multi-form software routine, satisfy the program of specific user functions/price request with generation, and/or this program is on one's own initiative oneself being bundled into very special license terms.For example, under the Microsoft's Window environment, can embed different effects by the Different Dynamic chained library (DLLS) that optionally comprises.
In another kind of modification, the first execute form that begins of program file have built-in specific function and with the selection of licence binding, and SDA100 can refuse (may be to verify) and allows executable file show that the data of its required effect enter executable file.In another modification, SDA100 can utilize the routine that the specific program structure is had detailed support, so that the executable program that clearly is not designed to have a this modification of Xiang Xianyou increases variable code.
The illustrated various embodiment of the present invention are being the foundation stone of the installation and the security of software application in single " core " file set of certain particular file types.Yet method of the present invention can be applicable under the particular case certainly more than a file or more than a kind of file type.For example, use all relevant quiet files with install software and can receive embedding information, so that they all are that can verify and relevant with specific application and installation example.

Claims (17)

1. one kind is used for comprising step from the method for distributing computer to installation computing machine electronic distribution software application:
A. receive identifying information at described distributing computer;
B. at described distributing computer described identifying information is embedded in the described software application to form discernible software application;
C. be that described discernible software application generates the password signature;
D. described password signature is embedded in the described discernible software application to form discernible and software application that can verify; And
E. from described distributing computer described discernible and software application that can verify is sent to described installation computing machine.
2. the process of claim 1 wherein that the step of signing for described discernible software application generation password comprises step:
A. discernible software application " ed " is applied one-way hash function " hf " to generate hash result " edh ", wherein edh=hf (ed); And
B. utilize a cryptographic key keyed hash result " edh " to obtain the password signature.
3. the method for claim 2, wherein one-way hash function utilizes one of eap-message digest 5 (MD5) algorithm or secure hash algorithm (sha) to produce.
4. claim 2 or 3 method, wherein keyed hash result's " edh " step comprises and utilizes a public/private encryption function " ppef " and a special purpose system key " prk " keyed hash result " edh " to generate the step of password signature " edf ", wherein edf=ppef (prk, edh).
5. the method for claim 4 wherein utilizes one of RSA Algorithm, Robin algorithm, ElGamal algorithm to produce public/private encryption function " ppef ".
6. claim 1,2,3,4 or 5 method wherein connect distributing computer and computing machine are installed by the Internet.
7. claim 1,2,3,4,5 or 6 method, the identifying information that wherein said distributing computer place receives sends from described installation computing machine.
8. one kind receives from the method for the software application of distributing computer distribution electronically in that the computing machine place is installed, and comprises step:
A. receive software application discernible and that can verify from distributing computer, this discernible and software application that can verify have the identifying information that embeds therein and should be discernible and the password of the software application that can verify sign; And
B. at installation computing machine place this discernible and software application that can verify is installed.
9. the method for claim 8 wherein before the step that receives discernible and the software application that can verify from distributing computer, is installed computing machine and is sent identifying information to distributing computer.
10. claim 8 or 9 method wherein before the step that discernible and the software application that can verify are installed, are installed the integrality that computing machine is verified this software application.
11. the method for claim 10 is wherein installed the integrality that computing machine utilizes password signature verification software application.
12. one kind from distributing computer to the computing machine method used of distributing software electronically is installed, comprise step:
A. receive identifying information at described distributing computer;
B. among described distributing computer is embedded into described identifying information described software application to form discernible software application;
C. be that described discernible software application generates the password signature;
D. but described password signature is embedded in the described identification software application to form discernible and software application that can verify;
E. from described distributing computer described discernible and software application that can verify is transferred to described installation computing machine; And
F. described installation computing machine install described discernible and the checking software application.
13. the method for claim 12 wherein connects distributing computer and computing machine is installed by the Internet.
14. the method for claim 12 or 13, wherein the identifying information that receives at described distributing computer place sends from described installation computing machine.
15. a software dispatch computing machine is used for distributing discernible and software application that can verify to the user, it comprises:
A. the communication linkage between described software dispatch computing machine and the described user;
B. be used to store memory unit for the software application of distribution;
C. with the communication interface of described linking communications, be used to receive described user's recognition data, and be used for transmitting the described discernible and software application that can verify to described user;
D. be used for the data that receive from described installation computing machine are embedded into described software application to form the device of discernible software application;
E. be used to described discernible software application to generate the device of password signature; And
F. be used for the signature of described password is embedded into described discernible software application to form the described discernible and software application that can verify.
16. software installation computing machine that is used to receive by the discernible and software application that can verify of distributing computer distribution:
A. described software is installed the communication linkage between computing machine and the described software dispatch computing machine;
B. be used for storing identification data and be used to store the memory unit of install software application;
C. with the Computer Communications Interface of described linking communications, be used to transmit described recognition data, and be used to receive the described discernible and software application that can verify, this discernible and software application that can verify has the recognition data that is embedded in wherein and the password signature of this software application that can discern, can verify;
D. be used on described Computer Storage parts installing the device of the described discernible and software application that can verify.
17. one kind is used for distributing software dispatch the computing machine discernible and software application that can verify from distributing computer to computing machine is installed, it comprises:
A distributing computer;
An installation computing machine;
Communication linkage between described installation computing machine and the distributing computer;
Described distributing computer comprises:
A. the distributing computer memory unit is used to store the software application for distribution;
B. with the distributing computer communication interface of described linking communications, be used for transmitting software application discernible and that can verify, and be used for receiving recognition data from described installation computing machine to described installation computing machine;
C. be used for the recognition data that receives from described installation computing machine is embedded into described software application to form the device of discernible software application;
D. be used to described discernible software application to generate the device of password signature; And
E. be used for described password signature is embedded into described discernible software application to form discernible and software application that can verify;
Described installation computing machine comprises:
A., the Computer Storage parts are installed, are used to store described recognition data, and be used to store mounted software application;
B. with the installation Computer Communications Interface of described linking communications, be used for transmitting described recognition data, and be used for receiving the described discernible and software application that can verify from described distributing computer to described distributing computer; And
D. be used for installing the device of described software application at described installation Computer Storage parts.
CN98804864A 1997-04-10 1998-03-18 Method and system for networked installation of uniquely customized, authenticable and traceable software applications Pending CN1255209A (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US08/831,696 1997-04-10
US08/831,696 US6108420A (en) 1997-04-10 1997-04-10 Method and system for networked installation of uniquely customized, authenticable, and traceable software application

Publications (1)

Publication Number Publication Date
CN1255209A true CN1255209A (en) 2000-05-31

Family

ID=25259649

Family Applications (1)

Application Number Title Priority Date Filing Date
CN98804864A Pending CN1255209A (en) 1997-04-10 1998-03-18 Method and system for networked installation of uniquely customized, authenticable and traceable software applications

Country Status (7)

Country Link
US (1) US6108420A (en)
EP (1) EP0974084A1 (en)
JP (1) JP2002503365A (en)
CN (1) CN1255209A (en)
AU (1) AU6492198A (en)
CA (1) CA2285392A1 (en)
WO (1) WO1998045768A1 (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100396012C (en) * 2006-02-23 2008-06-18 华为技术有限公司 Software validity checking system and method based on device management protocol
CN100428256C (en) * 2002-07-23 2008-10-22 索尼株式会社 Information processing device, information processing method, and computer program
CN101238470B (en) * 2005-08-10 2010-08-18 诺基亚公司 Method for operating computing device, method for manufacturing software
CN1946222B (en) * 2005-10-04 2011-08-31 乐金电子(中国)研究开发中心有限公司 Software certification device for mobile communication terminal and method thereof
CN107924304A (en) * 2015-05-06 2018-04-17 迈克菲有限公司 Presence to bundled software in installation process alerts

Families Citing this family (277)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH08263438A (en) 1994-11-23 1996-10-11 Xerox Corp Distribution and use control system of digital work and access control method to digital work
US6963859B2 (en) 1994-11-23 2005-11-08 Contentguard Holdings, Inc. Content rendering repository
JPH10512074A (en) 1995-02-13 1998-11-17 インタートラスト テクノロジーズ コーポレイション System and method for secure transaction management and electronic rights protection
US7143290B1 (en) 1995-02-13 2006-11-28 Intertrust Technologies Corporation Trusted and secure techniques, systems and methods for item delivery and execution
US7095854B1 (en) 1995-02-13 2006-08-22 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
US7133846B1 (en) 1995-02-13 2006-11-07 Intertrust Technologies Corp. Digital certificate support system, methods and techniques for secure electronic commerce transaction and rights management
US7069451B1 (en) 1995-02-13 2006-06-27 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
US6157721A (en) 1996-08-12 2000-12-05 Intertrust Technologies Corp. Systems and methods using cryptography to protect secure computing environments
US7165174B1 (en) 1995-02-13 2007-01-16 Intertrust Technologies Corp. Trusted infrastructure support systems, methods and techniques for secure electronic commerce transaction and rights management
US6948070B1 (en) 1995-02-13 2005-09-20 Intertrust Technologies Corporation Systems and methods for secure transaction management and electronic rights protection
US5892900A (en) 1996-08-30 1999-04-06 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
US7124302B2 (en) 1995-02-13 2006-10-17 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
US7133845B1 (en) 1995-02-13 2006-11-07 Intertrust Technologies Corp. System and methods for secure transaction management and electronic rights protection
US6311277B1 (en) * 1996-03-22 2001-10-30 Hitachi, Ltd. Method and device for managing computer network
US7062500B1 (en) 1997-02-25 2006-06-13 Intertrust Technologies Corp. Techniques for defining, using and manipulating rights management data structures
US6233684B1 (en) 1997-02-28 2001-05-15 Contenaguard Holdings, Inc. System for controlling the distribution and use of rendered digital works through watermaking
US6859699B2 (en) 1997-05-16 2005-02-22 Snap-On Incorporated Network-based method and system for distributing data
US7290288B2 (en) * 1997-06-11 2007-10-30 Prism Technologies, L.L.C. Method and system for controlling access, by an authentication server, to protected computer resources provided via an internet protocol network
US6453334B1 (en) 1997-06-16 2002-09-17 Streamtheory, Inc. Method and apparatus to allow remotely located computer programs and/or data to be accessed on a local computer in a secure, time-limited manner, with persistent caching
US20010039564A1 (en) * 1997-10-20 2001-11-08 Victor Hahn Log on personal computer
US7092914B1 (en) 1997-11-06 2006-08-15 Intertrust Technologies Corporation Methods for matching, selecting, narrowcasting, and/or classifying based on rights management and/or other information
JP4313873B2 (en) * 1998-01-30 2009-08-12 キヤノン株式会社 Electronic device and data processing method
US6599194B1 (en) 1998-09-08 2003-07-29 Darren Smith Home video game system with hard disk drive and internet access capability
US7711714B2 (en) * 1998-09-22 2010-05-04 Hitachi, Ltd. Method and a device for sterilizing downloaded files
US6763370B1 (en) 1998-11-16 2004-07-13 Softricity, Inc. Method and apparatus for content protection in a secure content delivery system
US7017188B1 (en) * 1998-11-16 2006-03-21 Softricity, Inc. Method and apparatus for secure content delivery over broadband access networks
US6330588B1 (en) * 1998-12-21 2001-12-11 Philips Electronics North America Corporation Verification of software agents and agent activities
US8347086B2 (en) * 2000-12-18 2013-01-01 Citibank, N.A. System and method for automatically detecting and then self-repairing corrupt, modified of non-existent files via a communication medium
US6766305B1 (en) * 1999-03-12 2004-07-20 Curl Corporation Licensing system and method for freely distributed information
US6591367B1 (en) * 1999-03-31 2003-07-08 Atabok Japan, Inc. Method and apparatus for preventing unauthorized copying and distributing of electronic messages transmitted over a network
US6468160B2 (en) 1999-04-08 2002-10-22 Nintendo Of America, Inc. Security system for video game system with hard disk drive and internet access capability
US7730169B1 (en) 1999-04-12 2010-06-01 Softricity, Inc. Business method and system for serving third party software applications
US7370071B2 (en) * 2000-03-17 2008-05-06 Microsoft Corporation Method for serving third party software applications from servers to client computers
US6389537B1 (en) * 1999-04-23 2002-05-14 Intel Corporation Platform and method for assuring integrity of trusted agent communications
US6697948B1 (en) * 1999-05-05 2004-02-24 Michael O. Rabin Methods and apparatus for protecting information
US8099758B2 (en) * 1999-05-12 2012-01-17 Microsoft Corporation Policy based composite file system and method
US7197144B1 (en) * 1999-06-08 2007-03-27 Ethos Technologies, Inc. Method and apparatus to authenticate a user's system to prevent unauthorized use of software products distributed to users
AU5328900A (en) * 1999-06-08 2000-12-28 Ethos Technologies, Inc. Protection against unauthorized use of software products
US6675382B1 (en) * 1999-06-14 2004-01-06 Sun Microsystems, Inc. Software packaging and distribution system
US6460023B1 (en) * 1999-06-16 2002-10-01 Pulse Entertainment, Inc. Software authorization system and method
WO2001001622A2 (en) * 1999-06-28 2001-01-04 Starpay.Com, Inc. Apparatus and method for performing secure network transactions
US7243236B1 (en) 1999-07-29 2007-07-10 Intertrust Technologies Corp. Systems and methods for using cryptography to protect secure and insecure computing environments
AU6614600A (en) * 1999-07-29 2001-02-19 Intertrust Technologies Corp. Systems and methods for using cryptography to protect secure and insecure computing environments
US7770016B2 (en) 1999-07-29 2010-08-03 Intertrust Technologies Corporation Systems and methods for watermarking software and other media
US7430670B1 (en) 1999-07-29 2008-09-30 Intertrust Technologies Corp. Software self-defense systems and methods
AU6750700A (en) 1999-07-30 2001-02-19 Intertrust Technologies Corp. Methods and systems for transaction record delivery using thresholds and multi-stage protocol
US7406603B1 (en) 1999-08-31 2008-07-29 Intertrust Technologies Corp. Data protection systems and methods
US6985885B1 (en) 1999-09-21 2006-01-10 Intertrust Technologies Corp. Systems and methods for pricing and selling digital goods
GB9922904D0 (en) * 1999-09-28 1999-12-01 Signum Technologies Limited Method of authenticating digital data works
JP4011243B2 (en) * 1999-10-15 2007-11-21 富士通株式会社 Electronic original management apparatus and method
JP2001117823A (en) * 1999-10-15 2001-04-27 Fuji Xerox Co Ltd Data storage device with access qualification authenticating function
GB9925227D0 (en) * 1999-10-25 1999-12-22 Internet Limited Data storage retrieval and access system
US7421472B1 (en) 1999-11-19 2008-09-02 Ross Jr Robert C System, method, and computer program product for providing a multi-user e-mail system
AU4505701A (en) * 1999-12-10 2001-06-18 Dvd Express, Inc. Method of distributing digital information
AU1651901A (en) * 1999-12-14 2001-06-25 Sony Corporation Registering device and method, information processing device and method, providing device and method, and program storage medium
US6996720B1 (en) 1999-12-17 2006-02-07 Microsoft Corporation System and method for accessing protected content in a rights-management architecture
US6970849B1 (en) * 1999-12-17 2005-11-29 Microsoft Corporation Inter-server communication using request with encrypted parameter
US7047411B1 (en) 1999-12-17 2006-05-16 Microsoft Corporation Server for an electronic distribution system and method of operating same
AU3076801A (en) * 1999-12-27 2001-07-09 Pitchware, Inc. Method and apparatus for a cryptographically assisted commercial network system designed to facilitate purchase and licensing
US6904528B1 (en) * 2000-01-03 2005-06-07 Ge Yokogawa Medical Systems, Limited Illegitimate duplication preventing method, data processing apparatus and medical imaging apparatus
US7213152B1 (en) * 2000-02-14 2007-05-01 Intel Corporation Modular bios update mechanism
US7249105B1 (en) 2000-03-14 2007-07-24 Microsoft Corporation BORE-resistant digital goods configuration and distribution methods and arrangements
US7441263B1 (en) 2000-03-23 2008-10-21 Citibank, N.A. System, method and computer program product for providing unified authentication services for online applications
EP1290531A2 (en) * 2000-06-07 2003-03-12 Telefonaktiebolaget LM Ericsson (publ) Network agent password storage and retrieval scheme
DE10028500A1 (en) * 2000-06-08 2002-01-03 Deutsche Telekom Ag Process for installing software in hardware
US7695363B2 (en) 2000-06-23 2010-04-13 Igt Gaming device having multiple display interfaces
US6731313B1 (en) 2000-06-23 2004-05-04 Igt Gaming device having touch activated alternating or changing symbol
US20010056533A1 (en) * 2000-06-23 2001-12-27 Peter Yianilos Secure and open computer platform
US7699699B2 (en) 2000-06-23 2010-04-20 Igt Gaming device having multiple selectable display interfaces based on player's wagers
US7051200B1 (en) 2000-06-27 2006-05-23 Microsoft Corporation System and method for interfacing a software process to secure repositories
US7171692B1 (en) 2000-06-27 2007-01-30 Microsoft Corporation Asynchronous communication within a server arrangement
US7539875B1 (en) 2000-06-27 2009-05-26 Microsoft Corporation Secure repository with layers of tamper resistance and system and method for providing same
US6891953B1 (en) 2000-06-27 2005-05-10 Microsoft Corporation Method and system for binding enhanced software features to a persona
US7017189B1 (en) 2000-06-27 2006-03-21 Microsoft Corporation System and method for activating a rendering device in a multi-level rights-management architecture
US6981262B1 (en) 2000-06-27 2005-12-27 Microsoft Corporation System and method for client interaction in a multi-level rights-management architecture
US7158953B1 (en) 2000-06-27 2007-01-02 Microsoft Corporation Method and system for limiting the use of user-specific software features
JP2002014871A (en) * 2000-06-29 2002-01-18 Fujitsu Ltd Content checking method, content updating method, and processing device
US7225159B2 (en) 2000-06-30 2007-05-29 Microsoft Corporation Method for authenticating and securing integrated bookstore entries
US20020046045A1 (en) 2000-06-30 2002-04-18 Attila Narin Architecture for an electronic shopping service integratable with a software application
DE10033384A1 (en) * 2000-07-08 2002-01-17 Deutsche Telekom Ag Method for computer software installation in which a cryptographic authorization key is written with a part of the software to permanent computer memory, with the authorization based on personal or hardware specific data
US7363318B1 (en) * 2000-07-21 2008-04-22 Wind River Systems, Inc. Method and apparatus for management of an automated license installation
WO2002015077A1 (en) * 2000-08-14 2002-02-21 Starpay.Com, Inc. Apparatus and method for performing secure network transactions
AU2001285125B2 (en) * 2000-08-21 2004-08-26 Igt Method and apparatus for software authentication
US20030196092A1 (en) 2000-08-28 2003-10-16 Contentguard Holdings, Inc. Method and apparatus for sharing secure communications
US7743259B2 (en) 2000-08-28 2010-06-22 Contentguard Holdings, Inc. System and method for digital rights management using a standard rendering engine
JP4072988B2 (en) * 2000-10-02 2008-04-09 株式会社ハドソン Digital content data generation system
US6971023B1 (en) * 2000-10-03 2005-11-29 Mcafee, Inc. Authorizing an additional computer program module for use with a core computer program
US20020082820A1 (en) * 2000-10-31 2002-06-27 Glenn Ferguson Data model for automated server configuration
JP4067757B2 (en) * 2000-10-31 2008-03-26 株式会社東芝 Program distribution system
US8250570B2 (en) * 2000-10-31 2012-08-21 Hewlett-Packard Development Company, L.P. Automated provisioning framework for internet site servers
US7124289B1 (en) 2000-10-31 2006-10-17 Opsware Inc. Automated provisioning framework for internet site servers
US6889209B1 (en) * 2000-11-03 2005-05-03 Shieldip, Inc. Method and apparatus for protecting information and privacy
US7343324B2 (en) 2000-11-03 2008-03-11 Contentguard Holdings Inc. Method, system, and computer readable medium for automatically publishing content
US20020087883A1 (en) * 2000-11-06 2002-07-04 Curt Wohlgemuth Anti-piracy system for remotely served computer applications
US20020083183A1 (en) * 2000-11-06 2002-06-27 Sanjay Pujare Conventionally coded application conversion system for streamed delivery and execution
US7062567B2 (en) 2000-11-06 2006-06-13 Endeavors Technology, Inc. Intelligent network streaming and execution system for conventionally coded applications
US8831995B2 (en) 2000-11-06 2014-09-09 Numecent Holdings, Inc. Optimized server for streamed applications
AU2002243223A1 (en) * 2000-11-15 2002-06-24 Robert P Arbuckle System and method for guiding a computer user to promotional material
JP2004514977A (en) * 2000-11-20 2004-05-20 シャンテ コーポレーション Systems, methods, and computer program products for multi-user email systems
EP1211587A1 (en) * 2000-11-30 2002-06-05 Pentap Technologies AG Distributing programming language code
US20020073312A1 (en) * 2000-12-08 2002-06-13 International Business Machines Corporation Secure electronic software distribution
US7451196B1 (en) * 2000-12-15 2008-11-11 Stream Theory, Inc. Method and system for executing a software application in a virtual environment
US6948065B2 (en) 2000-12-27 2005-09-20 Intel Corporation Platform and method for securely transmitting an authorization secret
US6912294B2 (en) 2000-12-29 2005-06-28 Contentguard Holdings, Inc. Multi-stage watermarking process and system
US7028009B2 (en) 2001-01-17 2006-04-11 Contentguardiholdings, Inc. Method and apparatus for distributing enforceable property rights
US7774279B2 (en) 2001-05-31 2010-08-10 Contentguard Holdings, Inc. Rights offering and granting
US8069116B2 (en) 2001-01-17 2011-11-29 Contentguard Holdings, Inc. System and method for supplying and managing usage rights associated with an item repository
US6961773B2 (en) * 2001-01-19 2005-11-01 Esoft, Inc. System and method for managing application service providers
EP1243998B1 (en) * 2001-03-21 2017-04-19 Excalibur IP, LLC A technique for license management and online software license enforcement
US6993664B2 (en) * 2001-03-27 2006-01-31 Microsoft Corporation Method and system for licensing a software product
JP2002297477A (en) * 2001-03-28 2002-10-11 Sony Computer Entertainment Inc Delivery system and method
US7188342B2 (en) 2001-04-20 2007-03-06 Microsoft Corporation Server controlled branding of client software deployed over computer networks
US7743147B2 (en) * 2001-04-20 2010-06-22 Hewlett-Packard Development Company, L.P. Automated provisioning of computing networks using a network database data model
US20020165976A1 (en) * 2001-05-02 2002-11-07 Jean-Charles Gonthier Software deployment in a data communications network
FR2824402A1 (en) 2001-05-04 2002-11-08 Thales Sa DEVICE AND METHOD FOR SIGNATURE, MARKING AND AUTHENTICIFICATION OF COMPUTER PROGRAMS
US20060010430A1 (en) * 2001-05-04 2006-01-12 Thales Device and process for the signature, the marking and the authentication of computer programs
EP1393457A4 (en) * 2001-05-07 2005-01-05 John F King Modem function and usage of a personal digital assistant in wireless mode
US6947986B1 (en) * 2001-05-08 2005-09-20 Networks Associates Technology, Inc. System and method for providing web-based remote security application client administration in a distributed computing environment
WO2002095554A2 (en) * 2001-05-18 2002-11-28 Imprivata Inc. System and method for authentication using biometrics
US6895503B2 (en) 2001-05-31 2005-05-17 Contentguard Holdings, Inc. Method and apparatus for hierarchical assignment of rights to documents and documents having such rights
US6876984B2 (en) 2001-05-31 2005-04-05 Contentguard Holdings, Inc. Method and apparatus for establishing usage rights for digital content to be created in the future
US8275709B2 (en) 2001-05-31 2012-09-25 Contentguard Holdings, Inc. Digital rights management of content when content is a future live event
US8099364B2 (en) 2001-05-31 2012-01-17 Contentguard Holdings, Inc. Digital rights management of content when content is a future live event
US8275716B2 (en) 2001-05-31 2012-09-25 Contentguard Holdings, Inc. Method and system for subscription digital rights management
US7725401B2 (en) 2001-05-31 2010-05-25 Contentguard Holdings, Inc. Method and apparatus for establishing usage rights for digital content to be created in the future
US8001053B2 (en) 2001-05-31 2011-08-16 Contentguard Holdings, Inc. System and method for rights offering and granting using shared state variables
US7853531B2 (en) 2001-06-07 2010-12-14 Contentguard Holdings, Inc. Method and apparatus for supporting multiple trust zones in a digital rights management system
US7774280B2 (en) 2001-06-07 2010-08-10 Contentguard Holdings, Inc. System and method for managing transfer of rights using shared state variables
CA2448932A1 (en) * 2001-07-02 2003-01-16 British Telecommunications Public Limited Company Program installation process
US7716137B2 (en) * 2001-08-14 2010-05-11 Nokia Inc. System and method for automatically tracking and enabling the operation of a product
US7920682B2 (en) * 2001-08-21 2011-04-05 Byrne William J Dynamic interactive voice interface
GB2379299B (en) * 2001-09-04 2006-02-08 Imagination Tech Ltd A texturing system
US20030051235A1 (en) * 2001-09-07 2003-03-13 Simpson Mark D. Method and apparatus for verifying and analyzing computer software installation
US20040054952A1 (en) * 2002-09-13 2004-03-18 Morrow James W. Device verification system and method
US20030084439A1 (en) * 2001-10-04 2003-05-01 Ross Perkins Incentive system for distributing software over a computer network
KR100947152B1 (en) * 2001-11-15 2010-03-12 소니 주식회사 Method of controlling the use and copying of digital content distributed on removable media and digital storage media using the same
US7840488B2 (en) 2001-11-20 2010-11-23 Contentguard Holdings, Inc. System and method for granting access to an item or permission to use an item based on configurable conditions
US7974923B2 (en) 2001-11-20 2011-07-05 Contentguard Holdings, Inc. Extensible rights expression processing system
EP1485833A4 (en) 2001-11-20 2005-10-12 Contentguard Holdings Inc An extensible rights expression processing system
AU2002362149A1 (en) * 2001-12-11 2003-06-23 Robert T. Quigg Stair-climbing wheelchair
US20050144175A1 (en) * 2002-02-18 2005-06-30 Siemens Aktiengesellschaft Method and system for administrating use of a service
US20030167407A1 (en) * 2002-03-01 2003-09-04 Brett Howard Authenticated file loader
WO2003079269A1 (en) 2002-03-14 2003-09-25 Contentguard Holdings, Inc. Rights expression profile system and method using templates and profiles
US7805371B2 (en) 2002-03-14 2010-09-28 Contentguard Holdings, Inc. Rights expression profile system and method
US7596600B2 (en) * 2002-03-28 2009-09-29 Quine Douglas B System for selective delivery of electronic communications
US7016919B2 (en) * 2002-03-29 2006-03-21 Agilent Technologies, Inc. Enterprise framework and applications supporting meta-data and data traceability requirements
US8656502B2 (en) * 2002-04-04 2014-02-18 Mcafee, Inc. Controlling use of a computer program installed on a computer
KR100671073B1 (en) 2002-04-29 2007-01-17 콘텐트가드 홀딩즈 인코포레이티드 Rights Management System Using Legality Expression Language
EP1509830A2 (en) 2002-05-02 2005-03-02 Shieldip, Inc. Method and apparatus for protecting information and privacy
AU2003239319A1 (en) * 2002-05-14 2003-12-02 Andrew J. Polcha System and method for automatically configuring remote computer
US20030217126A1 (en) * 2002-05-14 2003-11-20 Polcha Andrew J. System and method for automatically configuring remote computer
US20030217280A1 (en) * 2002-05-17 2003-11-20 Keaton Thomas S. Software watermarking for anti-tamper protection
US7222106B2 (en) * 2002-05-21 2007-05-22 International Business Machines Corporation Mechanisms for handling software license agreements on multi-user system
US7249174B2 (en) 2002-06-12 2007-07-24 Bladelogic, Inc. Method and system for executing and undoing distributed server change operations
US8909777B2 (en) 2002-06-26 2014-12-09 Intel Corporation Systems and methods for dynamic access to program features
FR2841667B1 (en) * 2002-06-26 2007-01-12 Nec Computers Internat Bv GRAPHICAL USER INTERFACE FOR INSTALLING COMPUTER PROGRAMS OF A STARTER BATCH
US20040010470A1 (en) * 2002-07-09 2004-01-15 Mills Charles A. Anti-piracy system for software and digital entertainment
US7383579B1 (en) * 2002-08-21 2008-06-03 At&T Delaware Intellectual Property, Inc. Systems and methods for determining anti-virus protection status
US20040093198A1 (en) * 2002-11-08 2004-05-13 Carbon Design Systems Hardware simulation with access restrictions
US7287052B2 (en) * 2002-11-09 2007-10-23 Microsoft Corporation Challenge and response interaction between client and server computing devices
US8181265B2 (en) * 2003-01-31 2012-05-15 Microsoft Corporation Secure machine counting
US7356709B2 (en) * 2003-01-31 2008-04-08 Microsoft Corporation Systems and methods for deterring software piracy in a volume license environment
US7644442B2 (en) 2003-01-31 2010-01-05 Microsoft Corporation Systems and methods for using machine attributes to deter software piracy in an enterprise environment
US20050004873A1 (en) * 2003-02-03 2005-01-06 Robin Pou Distribution and rights management of digital content
US20050102515A1 (en) * 2003-02-03 2005-05-12 Dave Jaworski Controlling read and write operations for digital media
US9818136B1 (en) 2003-02-05 2017-11-14 Steven M. Hoffberg System and method for determining contingent relevance
DE10304877A1 (en) * 2003-02-06 2004-08-19 Siemens Ag Procedure for installing a plug-in program
EP1590718A1 (en) * 2003-02-07 2005-11-02 Nokia Corporation Software distribution
DE10314449A1 (en) * 2003-03-31 2004-10-14 Robert Bosch Gmbh Sensor arrangement for force measurement
US7716474B2 (en) * 2003-05-12 2010-05-11 Byteblaze, Inc. Anti-piracy software protection system and method
US7685642B2 (en) 2003-06-26 2010-03-23 Contentguard Holdings, Inc. System and method for controlling rights expressions by stakeholders of an item
FR2857471B1 (en) * 2003-07-10 2008-09-26 Open Plug METHOD FOR MANAGING INTEGRATED SOFTWARE COMPONENTS IN AN ONBOARD SYSTEM
US7213268B2 (en) * 2003-07-25 2007-05-01 Aviation Communication And Surveillance Systems, Llc Method for controlling customer-implemented data updates
US8122100B2 (en) * 2003-07-28 2012-02-21 Limelight Networks, Inc. Multiple object download
US7516147B2 (en) 2003-10-23 2009-04-07 Sumisho Computer Systems Corporation URL system and method for licensing content
US8037515B2 (en) 2003-10-29 2011-10-11 Qualcomm Incorporated Methods and apparatus for providing application credentials
US7620362B2 (en) * 2003-12-04 2009-11-17 International Business Machines Corporation Controlling access to wirelessly broadcast electronic works during playback
ATE368883T1 (en) * 2003-12-15 2007-08-15 Mobile Integrated Solutions Lt METHOD FOR RESTRICTING THE REDISTRIBUTION OF LICENSED FILES IN A DIGITAL MOBILE SYSTEM
US20070098156A1 (en) * 2004-03-16 2007-05-03 Philip Blythe Digital rights management
US7287159B2 (en) 2004-04-01 2007-10-23 Shieldip, Inc. Detection and identification methods for software
ATE506797T1 (en) 2004-05-07 2011-05-15 Alcatel Lucent DATA AUTHENTICATION METHOD AND AGENT BASED SYSTEM
US8021230B2 (en) 2004-08-19 2011-09-20 Igt Gaming system having multiple gaming machines which provide bonus awards
US8251791B2 (en) 2004-08-19 2012-08-28 Igt Gaming system having multiple gaming machines which provide bonus awards
US7963847B2 (en) 2004-08-19 2011-06-21 Igt Gaming system having multiple gaming machines which provide bonus awards
US7590589B2 (en) 2004-09-10 2009-09-15 Hoffberg Steven M Game theoretic prioritization scheme for mobile ad hoc networks permitting hierarchal deference
US7240162B2 (en) 2004-10-22 2007-07-03 Stream Theory, Inc. System and method for predictive streaming
EP1825390A2 (en) 2004-11-13 2007-08-29 Stream Theory, Inc. Hybrid local/remote streaming
US8660961B2 (en) 2004-11-18 2014-02-25 Contentguard Holdings, Inc. Method, system, and device for license-centric content consumption
US20060143135A1 (en) * 2004-11-26 2006-06-29 Tucker David M Associating licensing information with software applications
US8190715B1 (en) * 2004-12-29 2012-05-29 Emc Corporation System and methods for remote agent installation
US20060200419A1 (en) * 2005-02-24 2006-09-07 Cook Johanna M System and method for user role based product license generation
US8024523B2 (en) 2007-11-07 2011-09-20 Endeavors Technologies, Inc. Opportunistic block transmission with time constraints
US9716609B2 (en) 2005-03-23 2017-07-25 Numecent Holdings, Inc. System and method for tracking changes to files in streaming applications
JP4727278B2 (en) * 2005-04-05 2011-07-20 株式会社エヌ・ティ・ティ・ドコモ Application program verification system, application program verification method, and computer program
US8484476B2 (en) 2005-05-20 2013-07-09 Rovi Technologies Corporation Computer-implemented method and system for embedding and authenticating ancillary information in digitally signed content
US8397072B2 (en) 2005-05-20 2013-03-12 Rovi Solutions Corporation Computer-implemented method and system for embedding ancillary information into the header of a digitally signed executable
US8521752B2 (en) * 2005-06-03 2013-08-27 Osr Open Systems Resources, Inc. Systems and methods for arbitrary data transformations
US7865765B2 (en) * 2005-06-09 2011-01-04 International Business Machines Corporation Grid licensing server and fault tolerant grid system and method of use
US20070011673A1 (en) * 2005-07-08 2007-01-11 Microsoft Corporation Integrated installation procedure for multiple installation sets
US20070028233A1 (en) * 2005-07-29 2007-02-01 Miller David D Traffic control software lock and method
DE102005039207A1 (en) * 2005-08-18 2007-03-15 Siemens Ag Method of using a program and associated units
JP2007065850A (en) * 2005-08-30 2007-03-15 Fujitsu Ltd Information processing apparatus, information processing method, and program
US8128491B2 (en) 2005-09-09 2012-03-06 Igt Server based gaming system having multiple progressive awards
US8137188B2 (en) 2005-09-09 2012-03-20 Igt Server based gaming system having multiple progressive awards
US7841939B2 (en) 2005-09-09 2010-11-30 Igt Server based gaming system having multiple progressive awards
US7568973B2 (en) 2005-09-09 2009-08-04 Igt Server based gaming system having multiple progressive awards
US8682795B2 (en) * 2005-09-16 2014-03-25 Oracle International Corporation Trusted information exchange based on trust agreements
US8874477B2 (en) 2005-10-04 2014-10-28 Steven Mark Hoffberg Multifactorial optimization system and method
US7720767B2 (en) 2005-10-24 2010-05-18 Contentguard Holdings, Inc. Method and system to support dynamic rights and resources sharing
US10503418B2 (en) * 2005-12-01 2019-12-10 Drive Sentry Limited System and method to secure a computer system by selective control of write access to a data storage medium
JP4556857B2 (en) * 2005-12-07 2010-10-06 セイコーエプソン株式会社 Information distribution apparatus, information distribution apparatus control method, and control program
WO2007071465A1 (en) * 2005-12-22 2007-06-28 International Business Machines Corporation A method and apparatus for populating a software catalog with automated use signature generation
US20070233568A1 (en) * 2006-03-10 2007-10-04 Provident Intellectual Property, Llc Microtransactions Using Points Over Electronic Networks
US20070250711A1 (en) * 2006-04-25 2007-10-25 Phonified Llc System and method for presenting and inputting information on a mobile device
US20100048193A1 (en) * 2006-07-13 2010-02-25 Jean-Michel Ortion Secure upgrade of a mobile device with an individual upgrade software over the air
US8512130B2 (en) 2006-07-27 2013-08-20 Igt Gaming system with linked gaming machines that are configurable to have a same probability of winning a designated award
US7512748B1 (en) 2006-08-17 2009-03-31 Osr Open Systems Resources, Inc. Managing lock rankings
US8539228B1 (en) * 2006-08-24 2013-09-17 Osr Open Systems Resources, Inc. Managing access to a resource
US7862430B2 (en) 2006-09-27 2011-01-04 Igt Server based gaming system having system triggered loyalty award sequences
US7674180B2 (en) 2006-09-27 2010-03-09 Igt Server based gaming system having system triggered loyalty award sequences
US8616959B2 (en) 2006-09-27 2013-12-31 Igt Server based gaming system having system triggered loyalty award sequences
US8261345B2 (en) 2006-10-23 2012-09-04 Endeavors Technologies, Inc. Rule-based application access management
US8682800B2 (en) * 2007-01-30 2014-03-25 Microsoft Corporation Controlling access to technology based upon authorization
US8024433B2 (en) * 2007-04-24 2011-09-20 Osr Open Systems Resources, Inc. Managing application resources
US7985133B2 (en) 2007-07-30 2011-07-26 Igt Gaming system and method for providing an additional gaming currency
JP4972208B2 (en) * 2007-07-31 2012-07-11 ロヴィ・ソリューションズ・コーポレーション Computer-implemented method and system enabling out-of-band tracking of digital distribution
US8900053B2 (en) 2007-08-10 2014-12-02 Igt Gaming system and method for providing different bonus awards based on different types of triggered events
US7949693B1 (en) 2007-08-23 2011-05-24 Osr Open Systems Resources, Inc. Log-structured host data storage
US8490078B2 (en) * 2007-09-25 2013-07-16 Barclays Capital, Inc. System and method for application management
US8819815B1 (en) 2007-10-16 2014-08-26 Jpmorgan Chase Bank, N.A. Method and system for distributing and tracking information
US9142097B2 (en) 2007-10-26 2015-09-22 Igt Gaming system and method for providing play of local first game and remote second game
US8892738B2 (en) 2007-11-07 2014-11-18 Numecent Holdings, Inc. Deriving component statistics for a stream enabled application
US8607226B2 (en) * 2008-01-22 2013-12-10 International Business Machines Corporation Solution for locally staged electronic software distribution using secure removable media
JP5121542B2 (en) * 2008-04-09 2013-01-16 キヤノン株式会社 Application packaging device, its control method, and program
US9946848B2 (en) 2009-02-26 2018-04-17 International Business Machines Corporation Software protection using an installation product having an entitlement file
FR2945367B1 (en) * 2009-05-11 2012-06-22 Regie Autonome Transports METHOD FOR CONTROLLING THE ACTIVATION OF AN APPLICATION ON A SECURE PLATFORM BY AN ACTOR EXTERIOR TO THE LOADING CHAIN
US8676714B2 (en) * 2009-06-11 2014-03-18 Microsoft Corporation Hardware specific product license validation
FR2947934B1 (en) * 2009-07-08 2011-07-22 Sfr METHOD FOR DYNAMIC TRACEABILITY AND ACCOUNTABILITY OF EXCHANGES IN AN INTERNET-TYPE OPEN ENVIRONMENT
US9039516B2 (en) 2009-07-30 2015-05-26 Igt Concurrent play on multiple gaming machines
US8255991B1 (en) * 2009-08-17 2012-08-28 Google Inc. Computer application pre-permissioning
US8650246B2 (en) * 2009-10-29 2014-02-11 Fujitsu Technology Solutions Intellectual Property Gmbh Method and system for licensing a software product
US8473753B2 (en) 2010-09-15 2013-06-25 International Business Machines Corporation Real-time secure self-acquiring root authority
DE102010037784B4 (en) * 2010-09-27 2014-07-31 Kobil Systems Gmbh Method for increasing the security of security-related online services
US9158605B2 (en) * 2010-12-01 2015-10-13 Microsoft Technology Licensing, Llc Method, system and device for validating repair files and repairing corrupt software
CN102065096B (en) * 2010-12-31 2014-11-05 惠州Tcl移动通信有限公司 Player, mobile communication equipment, authentication server, authentication system and method
US8635425B1 (en) * 2011-08-31 2014-01-21 Amazon Technologies, Inc. Upgrading computing devices
US8903874B2 (en) 2011-11-03 2014-12-02 Osr Open Systems Resources, Inc. File system directory attribute correction
CN102546839B (en) * 2012-03-25 2014-10-22 沈阳通用软件有限公司 Efficient and reliable software distribution method for large scale network
JP2012142022A (en) * 2012-04-06 2012-07-26 Rovi Solutions Corp Method and system to enable out-of-band tracking of digital distribution and to be performed by computer
US9355228B2 (en) * 2012-07-13 2016-05-31 Angel Secure Networks, Inc. System and method for policy driven protection of remote computing environments
US20140164266A1 (en) * 2012-12-07 2014-06-12 Whp Workflow Solutions, Llc Multi-media file upload workflow and transactions
GB2514716A (en) * 2013-10-25 2014-12-03 Univ Stellenbosch System and method for monitoring third party access to a restricted item
US9595034B2 (en) 2013-10-25 2017-03-14 Stellenbosch University System and method for monitoring third party access to a restricted item
US9830329B2 (en) 2014-01-15 2017-11-28 W. Anthony Mason Methods and systems for data storage
US8997256B1 (en) 2014-03-31 2015-03-31 Terbium Labs LLC Systems and methods for detecting copied computer code using fingerprints
US9459861B1 (en) 2014-03-31 2016-10-04 Terbium Labs, Inc. Systems and methods for detecting copied computer code using fingerprints
US10286326B2 (en) 2014-07-03 2019-05-14 Activision Publishing, Inc. Soft reservation system and method for multiplayer video games
US9875618B2 (en) 2014-07-24 2018-01-23 Igt Gaming system and method employing multi-directional interaction between multiple concurrently played games
US10118099B2 (en) 2014-12-16 2018-11-06 Activision Publishing, Inc. System and method for transparently styling non-player characters in a multiplayer video game
US9336092B1 (en) * 2015-01-01 2016-05-10 Emc Corporation Secure data deduplication
US10315113B2 (en) * 2015-05-14 2019-06-11 Activision Publishing, Inc. System and method for simulating gameplay of nonplayer characters distributed across networked end user devices
US9972171B2 (en) 2015-09-24 2018-05-15 Igt Gaming system and method for providing a triggering event based on a collection of units from different games
DE102015225651A1 (en) * 2015-12-17 2017-06-22 Robert Bosch Gmbh Method and apparatus for transmitting software
US10013558B1 (en) 2015-12-17 2018-07-03 Lockheed Martin Corporation Method and computer readable medium for secure software installation mechanism
US10500498B2 (en) 2016-11-29 2019-12-10 Activision Publishing, Inc. System and method for optimizing virtual games
US11040286B2 (en) 2017-09-27 2021-06-22 Activision Publishing, Inc. Methods and systems for improved content generation in multiplayer gaming environments
US10561945B2 (en) 2017-09-27 2020-02-18 Activision Publishing, Inc. Methods and systems for incentivizing team cooperation in multiplayer gaming environments
US10974150B2 (en) 2017-09-27 2021-04-13 Activision Publishing, Inc. Methods and systems for improved content customization in multiplayer gaming environments
US10765948B2 (en) 2017-12-22 2020-09-08 Activision Publishing, Inc. Video game content aggregation, normalization, and publication systems and methods
CN108363580A (en) * 2018-03-12 2018-08-03 平安普惠企业管理有限公司 Application program installation method, device, computer equipment and storage medium
US11679330B2 (en) 2018-12-18 2023-06-20 Activision Publishing, Inc. Systems and methods for generating improved non-player characters
US11097193B2 (en) 2019-09-11 2021-08-24 Activision Publishing, Inc. Methods and systems for increasing player engagement in multiplayer gaming environments
US11712627B2 (en) 2019-11-08 2023-08-01 Activision Publishing, Inc. System and method for providing conditional access to virtual gaming items
US11351459B2 (en) 2020-08-18 2022-06-07 Activision Publishing, Inc. Multiplayer video games with virtual characters having dynamically generated attribute profiles unconstrained by predefined discrete values
US11524234B2 (en) 2020-08-18 2022-12-13 Activision Publishing, Inc. Multiplayer video games with virtual characters having dynamically modified fields of view
CN114189337A (en) * 2021-11-18 2022-03-15 山东云海国创云计算装备产业创新中心有限公司 Firmware burning method, device, equipment and storage medium
US12047435B1 (en) 2023-07-07 2024-07-23 International Business Machines Corporation Managing software catalogs in hybrid and multi-cloud environments

Family Cites Families (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5103476A (en) * 1990-11-07 1992-04-07 Waite David P Secure system for activating personal computer software at remote locations
US5222134A (en) * 1990-11-07 1993-06-22 Tau Systems Corporation Secure system for activating personal computer software at remote locations
US5341429A (en) * 1992-12-04 1994-08-23 Testdrive Corporation Transformation of ephemeral material
US5509070A (en) * 1992-12-15 1996-04-16 Softlock Services Inc. Method for encouraging purchase of executable and non-executable software
US5416840A (en) * 1993-07-06 1995-05-16 Phoenix Technologies, Ltd. Software catalog encoding method and system
US5509074A (en) * 1994-01-27 1996-04-16 At&T Corp. Method of protecting electronically published materials using cryptographic protocols
US5553143A (en) * 1994-02-04 1996-09-03 Novell, Inc. Method and apparatus for electronic licensing
US5530752A (en) * 1994-02-22 1996-06-25 Convex Computer Corporation Systems and methods for protecting software from unlicensed copying and use
US5724425A (en) * 1994-06-10 1998-03-03 Sun Microsystems, Inc. Method and apparatus for enhancing software security and distributing software
US5493649A (en) * 1994-06-21 1996-02-20 Microsoft Corporation Detecting corruption in a computer program at execution time using a checksum
US5559884A (en) * 1994-06-30 1996-09-24 Microsoft Corporation Method and system for generating and auditing a signature for a computer program
US5586186A (en) * 1994-07-15 1996-12-17 Microsoft Corporation Method and system for controlling unauthorized access to information distributed to users
US5586304A (en) * 1994-09-08 1996-12-17 Compaq Computer Corporation Automatic computer upgrading
DE69521977T2 (en) * 1994-12-13 2002-04-04 International Business Machines Corp., Armonk Process and system for secure program distribution
US5825877A (en) * 1996-06-11 1998-10-20 International Business Machines Corporation Support for portable trusted software

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100428256C (en) * 2002-07-23 2008-10-22 索尼株式会社 Information processing device, information processing method, and computer program
CN101238470B (en) * 2005-08-10 2010-08-18 诺基亚公司 Method for operating computing device, method for manufacturing software
CN1946222B (en) * 2005-10-04 2011-08-31 乐金电子(中国)研究开发中心有限公司 Software certification device for mobile communication terminal and method thereof
CN100396012C (en) * 2006-02-23 2008-06-18 华为技术有限公司 Software validity checking system and method based on device management protocol
CN107924304A (en) * 2015-05-06 2018-04-17 迈克菲有限公司 Presence to bundled software in installation process alerts

Also Published As

Publication number Publication date
JP2002503365A (en) 2002-01-29
AU6492198A (en) 1998-10-30
CA2285392A1 (en) 1998-10-15
EP0974084A1 (en) 2000-01-26
US6108420A (en) 2000-08-22
WO1998045768A1 (en) 1998-10-15

Similar Documents

Publication Publication Date Title
CN1255209A (en) Method and system for networked installation of uniquely customized, authenticable and traceable software applications
US6889209B1 (en) Method and apparatus for protecting information and privacy
CN1220121C (en) Method and system for using interference-free microprocessor to allocate program
CN100401271C (en) Data access method and apparatus for storing safety key enciphering (SAKE) equipment to control network
US9628447B2 (en) Methods and apparatus for protected distribution of applications and media content
US7991995B2 (en) Method and apparatus for protecting information and privacy
JP4746233B2 (en) Trusted computing platforms that limit the use of data
US7734921B2 (en) System and method for guaranteeing software integrity via combined hardware and software authentication
US10992480B2 (en) Method and system for performing a transaction and for performing a verification of legitimate access to, or use of digital data
CN1326629A (en) Method and system for authenticating and utilizing secure resources in computer system
US6920563B2 (en) System and method to securely store information in a recoverable manner on an untrusted system
CN101473335A (en) Information processing terminal and status notifying method
US11063766B2 (en) Method and system for performing a transaction and for performing a verification of legitimate access to, or use of digital data
CN1333610A (en) Method for identifying user
US11455379B2 (en) Control system and method thereof for secure manufacturing
EP3731127B1 (en) Control system and method thereof for secure manufacturing
CN116167020A (en) Software authorization method and system
US7197144B1 (en) Method and apparatus to authenticate a user's system to prevent unauthorized use of software products distributed to users
JP2002352146A (en) Method, system and program for charging contents parts and storage medium with contents parts charging program stored therein
CN118245990B (en) Multi-level offline authorization method and system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
C53 Correction of patent of invention or patent application
CB02 Change of applicant information

Applicant after: NETWORK ACTION Corp.

Applicant before: Charnwell Ltd.

COR Change of bibliographic data

Free format text: CORRECT: APPLICANT; FROM: CHARNAIWER CO., LTD. TO: NETWORKS ACTIVITY CO.,LTD.

SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication
REG Reference to a national code

Ref country code: HK

Ref legal event code: WD

Ref document number: 1027178

Country of ref document: HK